Be Prepared for Anything—Not Just Disaster
Reprinted with permission from HP

Most companies spend time anticipating and planning for disasters. But in a global economy, where opportunity and risk go hand-in-hand, other events can be as devastating to the unprepared as any hurricane.

The corporate landscape is dotted with potential landmines that can take a toll on businesses:

• Skyrocketing energy costs and environmental mandates are forcing cuts in energy consumption.
• Security audits can distract IT staff if the organization is not sufficiently prepared.
• E-discovery requests can hijack resources and negatively impact productivity.
• Loss of key personnel can be a setback if a company doesn’t have a succession plan in place.
• Lost storage media, like a stolen laptop, can lead to tarnished reputations and lowered revenues if removable media isn't encrypted and digital keys well-managed.

Many executives believe their chance of suffering a disaster is slim and operate their businesses accordingly. In enterprises with multiple locations, however, natural disasters and human-generated events are very likely, says Rob Enderle, principal analyst with technology analyst firm the Enderle Group. “While the incidence of disaster is slight locally, when the entire world is factored in, a major problem is not only certain, it is a recurring event.”

Disaster preparedness plans help minimize downtime, keep employees focused on their core responsibilities, and safeguard against the loss of revenue, customers and reputation. “You must have plans for each type of threat ready to execute at a moment's notice,” Enderle says.

1. Prepare for disaster
A computer infrastructure is the central nervous system of a business, and companies can’t afford for it to cease functioning. Downtime affects employee productivity, alienates customers and negatively impacts company reputation.

To ensure continuity and availability, conduct a business impact analysis to determine which services are the most crucial to protect and which have the highest priority to restore. The analysis also should assess the likelihood of types of risks to the business, and prioritize goals: generating revenue, supporting customers or providing services to employees? Create a plan and test it regularly.

2. Combat high energy costs
Rising costs and environmental mandates have companies examining ways to cut energy consumption. In many cases, computers can help. Reduced energy consumption can be achieved through alternative forms of cooling, virtualization, and replacing energy-hogging servers with newer models engineered to use less energy. The IT staff can learn how to leverage technology assets to cut energy consumption.

3. Plan for an audit
In some sectors, companies face periodic audits to ensure they’re complying with regulations such as the U.S.'s Sarbanes-Oxley Act and the European Union's Data Privacy Directive. Audits can be targeted at financial record-keeping, data privacy, security or legal compliance. Any type of audit can disrupt a business if IT isn’t prepared. Companies must learn what steps they can take to prepare for these events.

4. Anticipate e-discovery requests
The process of legal discovery, which uncovers relevant information before going to court, now relies heavily on electronically stored data. Both the content and mismanagement of e-mail, instant messaging and other electronic records have led to fines, judgments and convictions.

As a result, companies that do business in the U.S. (or that have U.S. partners or subsidiaries) are now subject to stricter standards for preserving and producing electronic business records. Using software tools and a records-management process can help manage and automate the process of electronic discovery, or e-discovery, in case of lawsuit.

Even if a company doesn’t do business in the U.S., however, the level of organization required for e-discovery preparedness can help it prove it is following privacy laws or other electronic information regulations now common across the globe.

5. Plan for succession
Companies invest heavily in IT leaders, yet they seldom have a plan for a handling the transition caused by the unexpected departure, resignation or death of an IT executive. Succession planning helps minimize the impact of an abrupt departure in leadership by grooming future IT leaders, preserving institutional knowledge and smoothing transitions.

6. Secure removable media
Every organization that handles confidential information of any sort is well aware of cases where a single laptop theft or the improper disposal of hard drive has lead to embarrassing and harmful data breaches. That's why removable media are increasingly encrypted, or locked, using digital keys. Unfortunately, as digital keys proliferate, the chance of losing, misplacing or accidentally destroying them is growing, too. A global key management system can help keep digital keys safe, organized, replicated and audited.